f47b9a20817865c42cfe015b2201e65e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f47b9a20817865c42cfe015b2201e65e_JaffaCakes118
Size

19KB
MD5

f47b9a20817865c42cfe015b2201e65e
SHA1

d8698dbb6217f28ce56f608d712002704e6be3fd
SHA256

6a397704139c64c86e1656b8bc21e893aa83cfcd830358bef1e0fcc8c893be71
SHA512

5732bb45697655623a9e57880e17cd839435d2e9de8e1d9a30ffa237a821fbbbb5d7874dc693a56b5358fd91ee6a114c4e2e33dc72b067ce5f1b9ab37214560b
SSDEEP

384:RPyZNjtU2m6wpFfRq/mrlTHhYG0QqjNmFzEikkfu:JyZTUqG0QqgZEikV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f47b9a20817865c42cfe015b2201e65e_JaffaCakes118

Files

f47b9a20817865c42cfe015b2201e65e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
a4e5b47ec457

Sections

CODE
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ